Sonatype Blog: Latest Posts

Only 15% Of Known Malware Caught By Android 4.2′s Verifier

The H – (International) Only 15% of known malware caught by Android 4.2’s verifier. A researcher at North Carolina State University found that only 15 percent of known malware samples tested on Android 4.2’s new app verification service were detected. The researcher loaded 1260 malware samples from the Android Malware Genome Project onto 10 Android 4.2 devices. Of the 1260 samples only 193 were detected as malware. The researcher also performed a test comparing Google’s verification against a range of ten different existing anti-virus applications through VirusTotal, looking at randomly selected malware samples from each malware family. The anti-virus applications run by VirusTotal ranged in efficacy from 100 percent to 51 percent, but the Android App verification system scored only 20.4 percent. The researcher noted that the app verification service uses a fragile mechanism of verifying SHA1 values from the app and package name to determine whether a package is dangerous or potentially dangerous. He also notes that the verification system relies on the server component, leaving the client-side of the system completely without detection capabilities.